摘要
零信任理念的提出和发展,提高了网络信息系统数据访问的可控性和可信性,有效增强了系统数据的安全性。但是,总不信任、永远验证的设计原则,也给用户进行数据访问带来了巨大的挑战,特别是在广域、异地身份验证情况下,严重影响用户访问数据的效率。针对广域、海量用户的身份认证需求,提出了一种基于区块链的身份认证方法,利用区块链技术的不可抵赖性,构造相应的用户身份注册、认证、更新方法,实现广域、海量用户的无中心化身份认证能力,提升网络信息系统身份认证效率,从而为零信任环境下的数据访问提供可靠保障。
The proposal and development of the concept of zero trust has improved the controllability and credibility of network information system data access,and effectively enhanced the security of system data.However,the design principle of total distrust and permanent verification also brings huge challenges to users’data access,especially in the case of wide-area and remote authentication,which seriously affects the efficiency of users’data access.For wide area and large amounts of user authentication requirements,this paper proposes a authentication method based on block chain.Based on the non-repudiation of block chain,it constructs the user registration,certification,update method,and realize the wide-area,vast users without a centralized identity authentication ability,improves efficiency of network information system authentication,which provides a reliable guarantees for zero trust environment data access.
作者
滕鹏国
刘飞
TENG Pengguo;LIU Fei(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《通信技术》
2021年第5期1214-1219,共6页
Communications Technology
关键词
身份认证
区块链
零信任
数据访问
user authentication
block chain
zero trust
data access
